US8190868B2 - Malware management through kernel detection - Google Patents
Malware management through kernel detection Download PDFInfo
- Publication number
- US8190868B2 US8190868B2 US11/462,827 US46282706A US8190868B2 US 8190868 B2 US8190868 B2 US 8190868B2 US 46282706 A US46282706 A US 46282706A US 8190868 B2 US8190868 B2 US 8190868B2
- Authority
- US
- United States
- Prior art keywords
- pestware
- kernel
- computer
- level monitor
- period
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active, expires
Links
- 238000001514 detection method Methods 0.000 title description 3
- 238000000034 method Methods 0.000 claims abstract description 34
- 238000012544 monitoring process Methods 0.000 claims abstract description 11
- 230000000977 initiatory effect Effects 0.000 claims abstract description 5
- 230000006399 behavior Effects 0.000 claims description 34
- 230000000694 effects Effects 0.000 claims description 5
- 230000008569 process Effects 0.000 claims description 4
- 230000004044 response Effects 0.000 claims description 2
- 238000010586 diagram Methods 0.000 description 7
- 230000007246 mechanism Effects 0.000 description 3
- 238000010276 construction Methods 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000008520 organization Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000010348 incorporation Methods 0.000 description 1
- 230000000737 periodic effect Effects 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
Abstract
Description
Claims (15)
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/462,827 US8190868B2 (en) | 2006-08-07 | 2006-08-07 | Malware management through kernel detection |
US13/460,655 US8856505B2 (en) | 2006-08-07 | 2012-04-30 | Malware management through kernel detection during a boot sequence |
US14/507,657 US9754102B2 (en) | 2006-08-07 | 2014-10-06 | Malware management through kernel detection during a boot sequence |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/462,827 US8190868B2 (en) | 2006-08-07 | 2006-08-07 | Malware management through kernel detection |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/460,655 Continuation US8856505B2 (en) | 2006-08-07 | 2012-04-30 | Malware management through kernel detection during a boot sequence |
Publications (2)
Publication Number | Publication Date |
---|---|
US20080034429A1 US20080034429A1 (en) | 2008-02-07 |
US8190868B2 true US8190868B2 (en) | 2012-05-29 |
Family
ID=39030780
Family Applications (3)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/462,827 Active 2029-04-06 US8190868B2 (en) | 2006-08-07 | 2006-08-07 | Malware management through kernel detection |
US13/460,655 Active 2026-08-31 US8856505B2 (en) | 2006-08-07 | 2012-04-30 | Malware management through kernel detection during a boot sequence |
US14/507,657 Active US9754102B2 (en) | 2006-08-07 | 2014-10-06 | Malware management through kernel detection during a boot sequence |
Family Applications After (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/460,655 Active 2026-08-31 US8856505B2 (en) | 2006-08-07 | 2012-04-30 | Malware management through kernel detection during a boot sequence |
US14/507,657 Active US9754102B2 (en) | 2006-08-07 | 2014-10-06 | Malware management through kernel detection during a boot sequence |
Country Status (1)
Country | Link |
---|---|
US (3) | US8190868B2 (en) |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8635438B2 (en) | 2006-08-18 | 2014-01-21 | Webroot Inc. | Method and system of file manipulation during early boot time by accessing user-level data associated with a kernel-level function |
US20140047541A1 (en) * | 2007-12-13 | 2014-02-13 | Trend Micro Incorporated | Method and system for protecting a computer system during boot operation |
US8938796B2 (en) | 2012-09-20 | 2015-01-20 | Paul Case, SR. | Case secure computer architecture |
US20150067859A1 (en) * | 2013-09-02 | 2015-03-05 | Shine Security Ltd. | Preemptive event handling |
US20170061127A1 (en) * | 2015-07-28 | 2017-03-02 | Crowdstrike, Inc. | Integrity Assurance Through Early Loading in the Boot Phase |
US9754102B2 (en) | 2006-08-07 | 2017-09-05 | Webroot Inc. | Malware management through kernel detection during a boot sequence |
US9858626B2 (en) | 2012-06-29 | 2018-01-02 | Crowdstrike, Inc. | Social sharing of security information in a group |
US9871809B2 (en) | 2013-08-26 | 2018-01-16 | Shine Security Ltd. | Reversion of system objects affected by a malware |
US10289405B2 (en) | 2014-03-20 | 2019-05-14 | Crowdstrike, Inc. | Integrity assurance and rebootless updating during runtime |
US10387228B2 (en) | 2017-02-21 | 2019-08-20 | Crowdstrike, Inc. | Symmetric bridge component for communications between kernel mode and user mode |
US10853491B2 (en) | 2012-06-08 | 2020-12-01 | Crowdstrike, Inc. | Security agent |
US11489857B2 (en) | 2009-04-21 | 2022-11-01 | Webroot Inc. | System and method for developing a risk profile for an internet resource |
Families Citing this family (56)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7765558B2 (en) * | 2004-07-06 | 2010-07-27 | Authentium, Inc. | System and method for handling an event in a computer system |
US8341649B2 (en) * | 2004-07-06 | 2012-12-25 | Wontok, Inc. | System and method for handling an event in a computer system |
US7921461B1 (en) * | 2007-01-16 | 2011-04-05 | Kaspersky Lab, Zao | System and method for rootkit detection and cure |
US8145903B2 (en) * | 2007-05-25 | 2012-03-27 | Red Hat, Inc. | Method and system for a kernel lock validator |
US8065728B2 (en) * | 2007-09-10 | 2011-11-22 | Wisconsin Alumni Research Foundation | Malware prevention system monitoring kernel events |
US8650648B2 (en) | 2008-03-26 | 2014-02-11 | Sophos Limited | Method and system for detecting restricted content associated with retrieved content |
WO2009151888A2 (en) * | 2008-05-19 | 2009-12-17 | Authentium, Inc. | Secure virtualization system software |
US9465937B1 (en) * | 2008-05-30 | 2016-10-11 | Symantec Corporation | Methods and systems for securely managing file-attribute information for files in a file system |
US9390263B2 (en) | 2010-03-31 | 2016-07-12 | Sophos Limited | Use of an application controller to monitor and control software file and application environments |
US8539584B2 (en) * | 2010-08-30 | 2013-09-17 | International Business Machines Corporation | Rootkit monitoring agent built into an operating system kernel |
JP5200085B2 (en) * | 2010-11-04 | 2013-05-15 | レノボ・シンガポール・プライベート・リミテッド | Method and computer for starting computer in a short time |
WO2012154664A2 (en) * | 2011-05-06 | 2012-11-15 | University Of North Carolina At Chapel Hill | Methods, systems, and computer readable media for detecting injected machine code |
CN103679013B (en) * | 2012-09-03 | 2017-10-31 | 腾讯科技(深圳)有限公司 | System malware detection methods and device |
US10409980B2 (en) | 2012-12-27 | 2019-09-10 | Crowdstrike, Inc. | Real-time representation of security-relevant system state |
US10356047B2 (en) * | 2013-12-05 | 2019-07-16 | Crowdstrike, Inc. | RPC call interception |
US20150222646A1 (en) | 2014-01-31 | 2015-08-06 | Crowdstrike, Inc. | Tagging Security-Relevant System Objects |
AU2015235840A1 (en) * | 2014-03-27 | 2016-08-18 | Alert Logic, Inc. | Malicious software identification integrating behavioral analytics and hardware events |
US9917851B2 (en) | 2014-04-28 | 2018-03-13 | Sophos Limited | Intrusion detection using a heartbeat |
US10122753B2 (en) | 2014-04-28 | 2018-11-06 | Sophos Limited | Using reputation to avoid false malware detections |
US9798882B2 (en) | 2014-06-06 | 2017-10-24 | Crowdstrike, Inc. | Real-time model of states of monitored devices |
US11507663B2 (en) | 2014-08-11 | 2022-11-22 | Sentinel Labs Israel Ltd. | Method of remediating operations performed by a program and system thereof |
US9710648B2 (en) | 2014-08-11 | 2017-07-18 | Sentinel Labs Israel Ltd. | Method of malware detection and system thereof |
US10102374B1 (en) | 2014-08-11 | 2018-10-16 | Sentinel Labs Israel Ltd. | Method of remediating a program and system thereof by undoing operations |
WO2016097757A1 (en) | 2014-12-18 | 2016-06-23 | Sophos Limited | A method and system for network access control based on traffic monitoring and vulnerability detection using process related information |
US9876852B2 (en) | 2015-07-23 | 2018-01-23 | Microsoft Technology Licensing, Llc | Coordinating actions across platforms |
US9928366B2 (en) | 2016-04-15 | 2018-03-27 | Sophos Limited | Endpoint malware detection using an event graph |
WO2018004600A1 (en) | 2016-06-30 | 2018-01-04 | Sophos Limited | Proactive network security using a health heartbeat |
US11120106B2 (en) | 2016-07-30 | 2021-09-14 | Endgame, Inc. | Hardware—assisted system and method for detecting and analyzing system calls made to an operating system kernel |
GB2555517B (en) | 2016-08-03 | 2022-05-11 | Sophos Ltd | Mitigation of return-oriented programming attacks |
US11616812B2 (en) | 2016-12-19 | 2023-03-28 | Attivo Networks Inc. | Deceiving attackers accessing active directory data |
US11695800B2 (en) | 2016-12-19 | 2023-07-04 | SentinelOne, Inc. | Deceiving attackers accessing network data |
US10503899B2 (en) * | 2017-07-10 | 2019-12-10 | Centripetal Networks, Inc. | Cyberanalysis workflow acceleration |
US11151251B2 (en) | 2017-07-13 | 2021-10-19 | Endgame, Inc. | System and method for validating in-memory integrity of executable files to identify malicious activity |
US11151247B2 (en) | 2017-07-13 | 2021-10-19 | Endgame, Inc. | System and method for detecting malware injected into memory of a computing device |
US10462171B2 (en) | 2017-08-08 | 2019-10-29 | Sentinel Labs Israel Ltd. | Methods, systems, and devices for dynamically modeling and grouping endpoints for edge networking |
US10885212B2 (en) | 2017-09-12 | 2021-01-05 | Sophos Limited | Secure management of process properties |
US10740459B2 (en) | 2017-12-28 | 2020-08-11 | Crowdstrike, Inc. | Kernel- and user-level cooperative security processing |
US10841333B2 (en) | 2018-01-08 | 2020-11-17 | Sophos Limited | Malware detection using machine learning |
EP3514717B1 (en) * | 2018-01-17 | 2021-03-31 | Crowdstrike, Inc. | Device driver non-volatile backing-store installation |
US10990371B2 (en) | 2018-01-17 | 2021-04-27 | Crowdstrike, Inc. | Device driver non-volatile backing-store installation |
US11423186B2 (en) | 2018-01-17 | 2022-08-23 | Crowdstrike, Inc. | Verified inter-module communications interface |
US11470115B2 (en) | 2018-02-09 | 2022-10-11 | Attivo Networks, Inc. | Implementing decoys in a network environment |
US11616758B2 (en) | 2018-04-04 | 2023-03-28 | Sophos Limited | Network device for securing endpoints in a heterogeneous enterprise network |
US11288385B2 (en) | 2018-04-13 | 2022-03-29 | Sophos Limited | Chain of custody for enterprise documents |
US11297073B2 (en) | 2018-08-31 | 2022-04-05 | Sophos Limited | Forensic query of local event streams in an enterprise network |
US11550900B1 (en) | 2018-11-16 | 2023-01-10 | Sophos Limited | Malware mitigation based on runtime memory allocation |
GB2588745B (en) | 2018-11-19 | 2021-11-03 | Sophos Ltd | Deferred malware scanning |
US11106800B1 (en) | 2018-11-30 | 2021-08-31 | Capsule8, Inc. | Detecting kernel exploits |
US11714905B2 (en) | 2019-05-10 | 2023-08-01 | Sophos Limited | Attribute relevance tagging in malware recognition |
EP3973427A4 (en) | 2019-05-20 | 2023-06-21 | Sentinel Labs Israel Ltd. | Systems and methods for executable code detection, automatic feature extraction and position independent code detection |
US11727143B2 (en) | 2020-06-22 | 2023-08-15 | Sophos Limited | Live discovery of enterprise threats based on security query activity |
US11775639B2 (en) | 2020-10-23 | 2023-10-03 | Sophos Limited | File integrity monitoring |
US11579857B2 (en) | 2020-12-16 | 2023-02-14 | Sentinel Labs Israel Ltd. | Systems, methods and devices for device fingerprinting and automatic deployment of software in a computing network using a peer-to-peer approach |
US11929992B2 (en) | 2021-03-31 | 2024-03-12 | Sophos Limited | Encrypted cache protection |
US11899782B1 (en) | 2021-07-13 | 2024-02-13 | SentinelOne, Inc. | Preserving DLL hooks |
CN115828246B (en) * | 2023-01-09 | 2023-05-16 | 中国人民解放军61660部队 | Offline malicious program and behavior monitoring method, device, medium and equipment |
Citations (43)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5623600A (en) | 1995-09-26 | 1997-04-22 | Trend Micro, Incorporated | Virus detection and removal apparatus for computer networks |
US6069628A (en) | 1993-01-15 | 2000-05-30 | Reuters, Ltd. | Method and means for navigating user interfaces which support a plurality of executing applications |
US6073241A (en) | 1996-08-29 | 2000-06-06 | C/Net, Inc. | Apparatus and method for tracking world wide web browser requests across distinct domains using persistent client-side state |
US6092194A (en) | 1996-11-08 | 2000-07-18 | Finjan Software, Ltd. | System and method for protecting a computer and a network from hostile downloadables |
US6154844A (en) | 1996-11-08 | 2000-11-28 | Finjan Software, Ltd. | System and method for attaching a downloadable security profile to a downloadable |
US6310630B1 (en) | 1997-12-12 | 2001-10-30 | International Business Machines Corporation | Data processing system and method for internet browser history generation |
US6397264B1 (en) | 1999-11-01 | 2002-05-28 | Rstar Corporation | Multi-browser client architecture for managing multiple applications having a history list |
US20020129277A1 (en) | 2001-03-12 | 2002-09-12 | Caccavale Frank S. | Using a virus checker in one file server to check for viruses in another file server |
US6460060B1 (en) | 1999-01-26 | 2002-10-01 | International Business Machines Corporation | Method and system for searching web browser history |
US20020166059A1 (en) | 2001-05-01 | 2002-11-07 | Rickey Albert E. | Methods and apparatus for protecting against viruses on partitionable media |
US6535931B1 (en) | 1999-12-13 | 2003-03-18 | International Business Machines Corp. | Extended keyboard support in a run time environment for keys not recognizable on standard or non-standard keyboards |
US20030135791A1 (en) * | 2001-09-25 | 2003-07-17 | Norman Asa | Simulated computer system for monitoring of software performance |
US20030159070A1 (en) | 2001-05-28 | 2003-08-21 | Yaron Mayer | System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages |
US6611878B2 (en) | 1996-11-08 | 2003-08-26 | International Business Machines Corporation | Method and apparatus for software technology injection for operating systems which assign separate process address spaces |
US6633835B1 (en) | 2002-01-10 | 2003-10-14 | Networks Associates Technology, Inc. | Prioritized data capture, classification and filtering in a network monitoring environment |
US20030217287A1 (en) | 2002-05-16 | 2003-11-20 | Ilya Kruglenko | Secure desktop environment for unsophisticated computer users |
US6667751B1 (en) | 2000-07-13 | 2003-12-23 | International Business Machines Corporation | Linear web browser history viewer |
US20040030914A1 (en) | 2002-08-09 | 2004-02-12 | Kelley Edward Emile | Password protection |
US20040034794A1 (en) | 2000-05-28 | 2004-02-19 | Yaron Mayer | System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages |
US6701441B1 (en) | 1998-12-08 | 2004-03-02 | Networks Associates Technology, Inc. | System and method for interactive web services |
US20040064736A1 (en) | 2002-08-30 | 2004-04-01 | Wholesecurity, Inc. | Method and apparatus for detecting malicious code in an information handling system |
US20040080529A1 (en) | 2002-10-24 | 2004-04-29 | Wojcik Paul Kazimierz | Method and system for securing text-entry in a web form over a computer network |
US20040143763A1 (en) | 1999-02-03 | 2004-07-22 | Radatti Peter V. | Apparatus and methods for intercepting, examining and controlling code, data and files and their transfer in instant messaging and peer-to-peer applications |
US6785732B1 (en) | 2000-09-11 | 2004-08-31 | International Business Machines Corporation | Web server apparatus and method for virus checking |
US20040187023A1 (en) | 2002-08-30 | 2004-09-23 | Wholesecurity, Inc. | Method, system and computer program product for security in a global computer network transaction |
US6813711B1 (en) | 1999-01-05 | 2004-11-02 | Samsung Electronics Co., Ltd. | Downloading files from approved web site |
US20040225877A1 (en) | 2003-05-09 | 2004-11-11 | Zezhen Huang | Method and system for protecting computer system from malicious software operation |
US6829654B1 (en) | 2000-06-23 | 2004-12-07 | Cloudshield Technologies, Inc. | Apparatus and method for virtual edge placement of web sites |
US20050114687A1 (en) * | 2003-11-21 | 2005-05-26 | Zimmer Vincent J. | Methods and apparatus to provide protection for firmware resources |
US20050120242A1 (en) | 2000-05-28 | 2005-06-02 | Yaron Mayer | System and method for comprehensive general electric protection for computers against malicious programs that may steal information and/or cause damages |
US20050125687A1 (en) * | 2003-12-05 | 2005-06-09 | Microsoft Corporation | Security-related programming interface |
US20050138433A1 (en) | 2003-12-23 | 2005-06-23 | Zone Labs, Inc. | Security System with Methodology for Defending Against Security Breaches of Peripheral Devices |
US20050149726A1 (en) | 2003-10-21 | 2005-07-07 | Amit Joshi | Systems and methods for secure client applications |
US20050172115A1 (en) | 2004-01-30 | 2005-08-04 | Bodorin Daniel M. | System and method for gathering exhibited behaviors of a .NET executable module in a secure manner |
US20050188272A1 (en) | 2004-01-30 | 2005-08-25 | Bodorin Daniel M. | System and method for detecting malware in an executable code module according to the code module's exhibited behavior |
US20050216759A1 (en) * | 2004-03-29 | 2005-09-29 | Rothman Michael A | Virus scanning of input/output traffic of a computer system |
US6965968B1 (en) | 2003-02-27 | 2005-11-15 | Finjan Software Ltd. | Policy-based caching |
US20050257266A1 (en) | 2003-06-11 | 2005-11-17 | Cook Randall R | Intrustion protection system utilizing layers and triggers |
US7058822B2 (en) | 2000-03-30 | 2006-06-06 | Finjan Software, Ltd. | Malicious mobile code runtime monitoring system and methods |
WO2006077443A2 (en) * | 2005-01-20 | 2006-07-27 | William Grant Rothwell | Computer protection against malware affection |
US20060265761A1 (en) | 2003-09-15 | 2006-11-23 | Trigence Corp. | Malware containment by application encapsulation |
WO2007109708A1 (en) | 2006-03-22 | 2007-09-27 | Webroot Software, Inc. | Method and system for denying pestware direct drive access |
US7484245B1 (en) * | 1999-10-01 | 2009-01-27 | Gigatrust | System and method for providing data security |
Family Cites Families (283)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH04211844A (en) | 1990-01-19 | 1992-08-03 | Texas Instr Inc <Ti> | Apparatus and method for deflagment of filing system |
US5278901A (en) | 1992-04-30 | 1994-01-11 | International Business Machines Corporation | Pattern-oriented intrusion-detection system and method |
WO1993025024A1 (en) | 1992-05-26 | 1993-12-09 | Cyberlock Data Intelligence, Inc. | Computer virus monitoring system |
FR2706652B1 (en) | 1993-06-09 | 1995-08-18 | Alsthom Cge Alcatel | Device for detecting intrusions and suspicious users for a computer system and security system comprising such a device. |
US5442669A (en) | 1993-12-27 | 1995-08-15 | Medin; David L. | Perishable good integrity indicator |
KR100387207B1 (en) | 1994-03-15 | 2003-10-04 | 디지 인터내셔날 인크. | Communication system and communication method by remote network device |
US5802275A (en) | 1994-06-22 | 1998-09-01 | Lucent Technologies Inc. | Isolation of non-secure software from secure software to limit virus infection |
US5809138A (en) | 1994-07-25 | 1998-09-15 | Netz Computing Ltd. | Method for protecting storage media against computer virus infection |
US5537540A (en) | 1994-09-30 | 1996-07-16 | Compaq Computer Corporation | Transparent, secure computer virus detection method and apparatus |
US5684875A (en) | 1994-10-21 | 1997-11-04 | Ellenberger; Hans | Method and apparatus for detecting a computer virus on a computer |
US5485575A (en) | 1994-11-21 | 1996-01-16 | International Business Machines Corporation | Automatic analysis of a computer virus structure and means of attachment to its hosts |
US5715455A (en) | 1995-05-18 | 1998-02-03 | International Business Machines Corporation | Apparatus and method for storing file allocation table efficiently in memory |
US6006328A (en) | 1995-07-14 | 1999-12-21 | Christopher N. Drake | Computer software authentication, protection, and security system |
US5812848A (en) | 1995-08-23 | 1998-09-22 | Symantec Corporation | Subclassing system for computer that operates with portable-executable (PE) modules |
US5765030A (en) | 1996-07-19 | 1998-06-09 | Symantec Corp | Processor emulator module having a variable pre-fetch queue size for program execution |
US5696822A (en) | 1995-09-28 | 1997-12-09 | Symantec Corporation | Polymorphic virus detection module |
US5826013A (en) | 1995-09-28 | 1998-10-20 | Symantec Corporation | Polymorphic virus detection module |
JPH09282103A (en) | 1995-12-22 | 1997-10-31 | Ricoh Co Ltd | Information processor |
US5699428A (en) | 1996-01-16 | 1997-12-16 | Symantec Corporation | System for automatic decryption of file data on a per-use basis and automatic re-encryption within context of multi-threaded operating system under which applications run in real-time |
US5951698A (en) | 1996-10-02 | 1999-09-14 | Trend Micro, Incorporated | System, apparatus and method for the detection and removal of viruses in macros |
US6208999B1 (en) | 1996-12-12 | 2001-03-27 | Network Associates, Inc. | Recoverable computer file system with a signature area containing file integrity information located in the storage blocks |
US5987611A (en) | 1996-12-31 | 1999-11-16 | Zone Labs, Inc. | System and methodology for managing internet access on a per application basis for client computers connected to the internet |
US6141698A (en) | 1997-01-29 | 2000-10-31 | Network Commerce Inc. | Method and system for injecting new code into existing application code |
US5920696A (en) | 1997-02-25 | 1999-07-06 | International Business Machines Corporation | Dynamic windowing system in a transaction base network for a client to request transactions of transient programs at a server |
US5930828A (en) | 1997-03-26 | 1999-07-27 | Executive Software International | Real-time apparatus and method for minimizing disk fragmentation in a computer system |
US5974549A (en) | 1997-03-27 | 1999-10-26 | Soliton Ltd. | Security monitor |
IL120632A0 (en) | 1997-04-08 | 1997-08-14 | Zuta Marc | Multiprocessor system and method |
US6473406B1 (en) | 1997-07-31 | 2002-10-29 | Cisco Technology, Inc. | Method and apparatus for transparently proxying a connection |
JP3437065B2 (en) | 1997-09-05 | 2003-08-18 | 富士通株式会社 | Virus removal method, information processing device, and computer-readable recording medium on which virus removal program is recorded |
US5983348A (en) | 1997-09-10 | 1999-11-09 | Trend Micro Incorporated | Computer network malicious code scanner |
US6357008B1 (en) | 1997-09-23 | 2002-03-12 | Symantec Corporation | Dynamic heuristic method for detecting computer viruses using decryption exploration and evaluation phases |
US6173291B1 (en) | 1997-09-26 | 2001-01-09 | Powerquest Corporation | Method and apparatus for recovering data from damaged or corrupted file storage media |
US6070174A (en) | 1997-09-30 | 2000-05-30 | Infraworks Corporation | Method and apparatus for real-time secure file deletion |
US6009520A (en) | 1997-12-10 | 1999-12-28 | Phoenix Technologies, Ltd | Method and apparatus standardizing use of non-volatile memory within a BIOS-ROM |
US6374363B1 (en) | 1998-02-24 | 2002-04-16 | Adaptec, Inc. | Method for generating a footprint image file for an intelligent backup and restoring system |
US6118705A (en) | 1998-03-13 | 2000-09-12 | Atmel Corporation | Page mode erase in a flash memory array |
US20010044901A1 (en) | 1998-03-24 | 2001-11-22 | Symantec Corporation | Bubble-protected system for automatic decryption of file data on a per-use basis and automatic re-encryption |
US6347375B1 (en) | 1998-07-08 | 2002-02-12 | Ontrack Data International, Inc | Apparatus and method for remote virus diagnosis and repair |
US6401210B1 (en) | 1998-09-23 | 2002-06-04 | Intel Corporation | Method of managing computer virus infected files |
US6192512B1 (en) | 1998-09-24 | 2001-02-20 | International Business Machines Corporation | Interpreter with virtualized interface |
JP3837244B2 (en) | 1998-10-23 | 2006-10-25 | 松下電器産業株式会社 | Program linking apparatus and method |
US6535229B1 (en) | 1999-06-29 | 2003-03-18 | International Business Machines Corporation | Graphical user interface for selection of options within mutually exclusive subsets |
US6487601B1 (en) | 1999-09-30 | 2002-11-26 | International Business Machines Corporation | Dynamic mac allocation and configuration |
US6430561B1 (en) | 1999-10-29 | 2002-08-06 | International Business Machines Corporation | Security policy for protection of files on a storage device |
IL132915A (en) | 1999-11-14 | 2004-05-12 | Networks Assoc Tech Inc | Method for secure function execution by calling address validation |
US6851057B1 (en) | 1999-11-30 | 2005-02-01 | Symantec Corporation | Data driven detection of viruses |
EP1113666A1 (en) | 1999-12-30 | 2001-07-04 | Nokia Corporation | Data processing apparatus |
US6606659B1 (en) | 2000-01-28 | 2003-08-12 | Websense, Inc. | System and method for controlling access to internet sites |
US6996706B1 (en) | 2000-02-19 | 2006-02-07 | Powerquest Corporation | Booting an operating system or running other pre-boot code from a file stored under a different operating system |
US6496913B1 (en) | 2000-02-22 | 2002-12-17 | Hewlett-Packard Company | System and method for detecting and correcting fragmentation on optical storage media |
US6971019B1 (en) | 2000-03-14 | 2005-11-29 | Symantec Corporation | Histogram-based virus detection |
US6775780B1 (en) | 2000-03-16 | 2004-08-10 | Networks Associates Technology, Inc. | Detecting malicious software by analyzing patterns of system calls generated during emulation |
US6856993B1 (en) | 2000-03-30 | 2005-02-15 | Microsoft Corporation | Transactional file system |
US6973488B1 (en) | 2000-03-31 | 2005-12-06 | Intel Corporation | Providing policy information to a remote device |
US6842748B1 (en) | 2000-04-14 | 2005-01-11 | Rightnow Technologies, Inc. | Usage based strength between related information in an information retrieval system |
JP4700884B2 (en) | 2000-04-28 | 2011-06-15 | インターナショナル・ビジネス・マシーンズ・コーポレーション | Method and system for managing computer security information |
US7383299B1 (en) | 2000-05-05 | 2008-06-03 | International Business Machines Corporation | System and method for providing service for searching web site addresses |
US6735703B1 (en) | 2000-05-08 | 2004-05-11 | Networks Associates Technology, Inc. | Multi-platform sequence-based anomaly detection wrapper |
GB0011020D0 (en) | 2000-05-09 | 2000-06-28 | Ibm | Intercepting system API calls |
US20050154885A1 (en) | 2000-05-15 | 2005-07-14 | Interfuse Technology, Inc. | Electronic data security system and method |
US7058976B1 (en) | 2000-05-17 | 2006-06-06 | Deep Nines, Inc. | Intelligent feedback loop process control system |
US6735678B2 (en) | 2000-05-24 | 2004-05-11 | Seagate Technology Llc | Method and apparatus for disc drive defragmentation |
US6973577B1 (en) | 2000-05-26 | 2005-12-06 | Mcafee, Inc. | System and method for dynamically detecting computer viruses through associative behavioral analysis of runtime state |
US6973578B1 (en) | 2000-05-31 | 2005-12-06 | Networks Associates Technology, Inc. | System, method and computer program product for process-based selection of virus detection actions |
US6931540B1 (en) | 2000-05-31 | 2005-08-16 | Networks Associates Technology, Inc. | System, method and computer program product for selecting virus detection actions based on a process by which files are being accessed |
US7007301B2 (en) | 2000-06-12 | 2006-02-28 | Hewlett-Packard Development Company, L.P. | Computer architecture for an intrusion detection system |
US6721721B1 (en) | 2000-06-15 | 2004-04-13 | International Business Machines Corporation | Virus checking and reporting for computer database search results |
US7093239B1 (en) | 2000-07-14 | 2006-08-15 | Internet Security Systems, Inc. | Computer immune system and method for detecting unwanted code in a computer system |
US20020162017A1 (en) | 2000-07-14 | 2002-10-31 | Stephen Sorkin | System and method for analyzing logfiles |
US6954861B2 (en) | 2000-07-14 | 2005-10-11 | America Online, Inc. | Identifying unauthorized communication systems based on their memory contents |
US6618717B1 (en) | 2000-07-31 | 2003-09-09 | Eliyon Technologies Corporation | Computer method and apparatus for determining content owner of a website |
US7231434B2 (en) | 2000-08-28 | 2007-06-12 | International Business Machines Corporation | Method, apparatus and computer program product to check e-mail count at boot time in computing systems |
US6910134B1 (en) | 2000-08-29 | 2005-06-21 | Netrake Corporation | Method and device for innoculating email infected with a virus |
GB2366706B (en) | 2000-08-31 | 2004-11-03 | Content Technologies Ltd | Monitoring electronic mail messages digests |
US7178166B1 (en) | 2000-09-19 | 2007-02-13 | Internet Security Systems, Inc. | Vulnerability assessment and authentication of a computer by a local scanner |
US6996845B1 (en) | 2000-11-28 | 2006-02-07 | S.P.I. Dynamics Incorporated | Internet security analysis system and process |
US7150045B2 (en) | 2000-12-14 | 2006-12-12 | Widevine Technologies, Inc. | Method and apparatus for protection of electronic media |
WO2002071227A1 (en) | 2001-03-01 | 2002-09-12 | Cyber Operations, Llc | System and method for anti-network terrorism |
US7146429B2 (en) | 2001-03-16 | 2006-12-05 | The Aerospace Corporation | Cooperative adaptive web caching routing and forwarding web content data requesting method |
US7302584B2 (en) | 2001-03-16 | 2007-11-27 | Mcafee, Inc. | Mechanisms for banning computer programs from use |
US7555561B2 (en) | 2001-03-19 | 2009-06-30 | The Aerospace Corporation | Cooperative adaptive web caching routing and forwarding web content data broadcasting method |
WO2002084482A1 (en) | 2001-04-12 | 2002-10-24 | W. Quinn, Inc. | System and method for using memory mapping to scan a master file table |
CN1147795C (en) | 2001-04-29 | 2004-04-28 | 北京瑞星科技股份有限公司 | Method, system and medium for detecting and clearing known and anknown computer virus |
WO2002091146A2 (en) | 2001-05-09 | 2002-11-14 | Ecd Systems, Inc. | Systems and methods for the prevention of unauthorized use and manipulation of digital content |
US7043634B2 (en) | 2001-05-15 | 2006-05-09 | Mcafee, Inc. | Detecting malicious alteration of stored computer files |
US6738832B2 (en) | 2001-06-29 | 2004-05-18 | International Business Machines Corporation | Methods and apparatus in a logging system for the adaptive logger replacement in order to receive pre-boot information |
US7421587B2 (en) | 2001-07-26 | 2008-09-02 | Mcafee, Inc. | Detecting computer programs within packed computer files |
US7487544B2 (en) | 2001-07-30 | 2009-02-03 | The Trustees Of Columbia University In The City Of New York | System and methods for detection of new malicious executables |
US6792543B2 (en) | 2001-08-01 | 2004-09-14 | Networks Associates Technology, Inc. | Virus scanning on thin client devices using programmable assembly language |
US7540031B2 (en) | 2001-08-01 | 2009-05-26 | Mcafee, Inc. | Wireless architecture with malware scanning component manager and associated API |
US7245632B2 (en) | 2001-08-10 | 2007-07-17 | Sun Microsystems, Inc. | External storage for modular computer systems |
GB2378783B (en) | 2001-08-17 | 2004-12-29 | F Secure Oyj | Preventing virus infection in a computer system |
US7234167B2 (en) | 2001-09-06 | 2007-06-19 | Mcafee, Inc. | Automatic builder of detection and cleaning routines for computer viruses |
US20030065943A1 (en) | 2001-09-28 | 2003-04-03 | Christoph Geis | Method and apparatus for recognizing and reacting to denial of service attacks on a computerized network |
US20030097409A1 (en) | 2001-10-05 | 2003-05-22 | Hungchou Tsai | Systems and methods for securing computers |
US7107617B2 (en) | 2001-10-15 | 2006-09-12 | Mcafee, Inc. | Malware scanning of compressed computer files |
US7210168B2 (en) | 2001-10-15 | 2007-04-24 | Mcafee, Inc. | Updating malware definition data for mobile data processing devices |
US7506374B2 (en) | 2001-10-31 | 2009-03-17 | Computer Associates Think, Inc. | Memory scanning system and method |
US20030084323A1 (en) | 2001-10-31 | 2003-05-01 | Gales George S. | Network intrusion detection system and method |
US7603440B1 (en) | 2001-11-09 | 2009-10-13 | Persystent Technology Corporation | System and method for management of end user computing devices |
EP1315066A1 (en) | 2001-11-21 | 2003-05-28 | BRITISH TELECOMMUNICATIONS public limited company | Computer security system |
US20030101381A1 (en) | 2001-11-29 | 2003-05-29 | Nikolay Mateev | System and method for virus checking software |
CN1211798C (en) | 2001-12-03 | 2005-07-20 | 英业达股份有限公司 | Method and system for computing fragment rate of magnetic disc |
US20030105973A1 (en) | 2001-12-04 | 2003-06-05 | Trend Micro Incorporated | Virus epidemic outbreak command system and method using early warning monitors in a network environment |
US6947985B2 (en) | 2001-12-05 | 2005-09-20 | Websense, Inc. | Filtering techniques for managing access to internet sites or other software applications |
US7150042B2 (en) | 2001-12-06 | 2006-12-12 | Mcafee, Inc. | Techniques for performing malware scanning of files stored within a file storage device of a computer network |
US20030115479A1 (en) | 2001-12-14 | 2003-06-19 | Jonathan Edwards | Method and system for detecting computer malwares by scan of process memory after process initialization |
US7058975B2 (en) | 2001-12-14 | 2006-06-06 | Mcafee, Inc. | Method and system for delayed write scanning for detecting computer malwares |
US7096500B2 (en) | 2001-12-21 | 2006-08-22 | Mcafee, Inc. | Predictive malware scanning of internet data |
US7065790B1 (en) | 2001-12-21 | 2006-06-20 | Mcafee, Inc. | Method and system for providing computer malware names from multiple anti-virus scanners |
US7401359B2 (en) | 2001-12-21 | 2008-07-15 | Mcafee, Inc. | Generating malware definition data for mobile computing devices |
US7114185B2 (en) | 2001-12-26 | 2006-09-26 | Mcafee, Inc. | Identifying malware containing computer files using embedded text |
US7266843B2 (en) | 2001-12-26 | 2007-09-04 | Mcafee, Inc. | Malware scanning to create clean storage locations |
US7423995B1 (en) | 2002-01-28 | 2008-09-09 | Bbn Technologies Corp. | Criteria for tearing down network links |
US6772345B1 (en) | 2002-02-08 | 2004-08-03 | Networks Associates Technology, Inc. | Protocol-level malware scanner |
US8370936B2 (en) | 2002-02-08 | 2013-02-05 | Juniper Networks, Inc. | Multi-method gateway-based network security systems and methods |
US8561167B2 (en) | 2002-03-08 | 2013-10-15 | Mcafee, Inc. | Web reputation scoring |
US6681972B1 (en) | 2002-03-19 | 2004-01-27 | J&C Tapocik, Inc. | Hands-free holder which will hold an airline ticket, an identification, credit cards and cash while worn around a user's neck |
AU2003234720A1 (en) | 2002-04-13 | 2003-11-03 | Computer Associates Think, Inc. | System and method for detecting malicicous code |
US7103913B2 (en) | 2002-05-08 | 2006-09-05 | International Business Machines Corporation | Method and apparatus for determination of the non-replicative behavior of a malicious program |
US7370360B2 (en) | 2002-05-13 | 2008-05-06 | International Business Machines Corporation | Computer immune system and method for detecting unwanted code in a P-code or partially compiled native-code program executing within a virtual machine |
US7155742B1 (en) | 2002-05-16 | 2006-12-26 | Symantec Corporation | Countering infections to communications modules |
US7409717B1 (en) | 2002-05-23 | 2008-08-05 | Symantec Corporation | Metamorphic computer virus detection |
TWI244297B (en) | 2002-06-12 | 2005-11-21 | Thomson Licensing Sa | Apparatus and method adapted to communicate via a network |
US7146638B2 (en) | 2002-06-27 | 2006-12-05 | International Business Machines Corporation | Firewall protocol providing additional information |
US7418729B2 (en) | 2002-07-19 | 2008-08-26 | Symantec Corporation | Heuristic detection of malicious computer code by page tracking |
US7380277B2 (en) | 2002-07-22 | 2008-05-27 | Symantec Corporation | Preventing e-mail propagation of malicious computer code |
US7275215B2 (en) | 2002-07-29 | 2007-09-25 | Cerulean Studios, Llc | System and method for managing contacts in an instant messaging environment |
US20040024864A1 (en) | 2002-07-31 | 2004-02-05 | Porras Phillip Andrew | User, process, and application tracking in an intrusion detection system |
GB2391965B (en) | 2002-08-14 | 2005-11-30 | Messagelabs Ltd | Method of, and system for, heuristically detecting viruses in executable code |
US7337471B2 (en) | 2002-10-07 | 2008-02-26 | Symantec Corporation | Selective detection of malicious computer code |
US7467206B2 (en) | 2002-12-23 | 2008-12-16 | Microsoft Corporation | Reputation system for web services |
US6915420B2 (en) | 2003-01-06 | 2005-07-05 | John Alan Hensley | Method for creating and protecting a back-up operating system within existing storage that is not hidden during operation |
US20040143661A1 (en) | 2003-01-14 | 2004-07-22 | Akio Higashi | Content history log collecting system |
US7055008B2 (en) | 2003-01-22 | 2006-05-30 | Falconstor Software, Inc. | System and method for backing up data |
US20040162781A1 (en) | 2003-02-14 | 2004-08-19 | Kennsco, Inc. | Monitoring and alert systems and methods |
US7216367B2 (en) | 2003-02-21 | 2007-05-08 | Symantec Corporation | Safe memory scanning |
WO2004077294A1 (en) | 2003-02-26 | 2004-09-10 | Secure Ware Inc. | Unauthorized processing judgment method, data processing device, computer program, and recording medium |
US8171551B2 (en) | 2003-04-01 | 2012-05-01 | Mcafee, Inc. | Malware detection using external call characteristics |
US8136155B2 (en) | 2003-04-01 | 2012-03-13 | Check Point Software Technologies, Inc. | Security system with methodology for interprocess communication control |
GB2400197B (en) | 2003-04-03 | 2006-04-12 | Messagelabs Ltd | System for and method of detecting malware in macros and executable scripts |
GB2400933B (en) | 2003-04-25 | 2006-11-22 | Messagelabs Ltd | A method of, and system for, heuristically detecting viruses in executable code by detecting files which have been maliciously altered |
US20040255167A1 (en) | 2003-04-28 | 2004-12-16 | Knight James Michael | Method and system for remote network security management |
US7231667B2 (en) | 2003-05-29 | 2007-06-12 | Computer Associates Think, Inc. | System and method for computer virus detection utilizing heuristic analysis |
US7284273B1 (en) | 2003-05-29 | 2007-10-16 | Symantec Corporation | Fuzzy scanning system and method |
US7380136B2 (en) | 2003-06-25 | 2008-05-27 | Intel Corp. | Methods and apparatus for secure collection and display of user interface information in a pre-boot environment |
US7185320B2 (en) | 2003-06-27 | 2007-02-27 | Hewlett-Packard Development Company, L.P. | System and method for processing breakpoint events in a child process generated by a parent process |
US20050038697A1 (en) | 2003-06-30 | 2005-02-17 | Aaron Jeffrey A. | Automatically facilitated marketing and provision of electronic services |
US7424609B2 (en) | 2003-07-11 | 2008-09-09 | Computer Associates Think, Inc. | Method and system for protecting against computer viruses |
US7257842B2 (en) | 2003-07-21 | 2007-08-14 | Mcafee, Inc. | Pre-approval of computer files during a malware detection |
US7644441B2 (en) | 2003-09-26 | 2010-01-05 | Cigital, Inc. | Methods for identifying malicious software |
US20050071624A1 (en) | 2003-09-29 | 2005-03-31 | Rothman Michael A. | Providing a self-describing media for a computer system |
US20050081053A1 (en) | 2003-10-10 | 2005-04-14 | International Business Machines Corlporation | Systems and methods for efficient computer virus detection |
US20040172551A1 (en) | 2003-12-09 | 2004-09-02 | Michael Connor | First response computer virus blocking. |
US8590032B2 (en) | 2003-12-10 | 2013-11-19 | Aventail Llc | Rule-based routing to resources through a network |
US20050132177A1 (en) | 2003-12-12 | 2005-06-16 | International Business Machines Corporation | Detecting modifications made to code placed in memory by the POST BIOS |
US7765592B2 (en) | 2004-01-10 | 2010-07-27 | Microsoft Corporation | Changed file identification, software conflict resolution and unwanted file removal |
US8627458B2 (en) | 2004-01-13 | 2014-01-07 | Mcafee, Inc. | Detecting malicious computer program activity using external program calls with dynamic rule sets |
US7620990B2 (en) | 2004-01-30 | 2009-11-17 | Microsoft Corporation | System and method for unpacking packed executables for malware evaluation |
US7707634B2 (en) | 2004-01-30 | 2010-04-27 | Microsoft Corporation | System and method for detecting malware in executable scripts according to its functionality |
US7373524B2 (en) | 2004-02-24 | 2008-05-13 | Covelight Systems, Inc. | Methods, systems and computer program products for monitoring user behavior for a server application |
US20050229250A1 (en) | 2004-02-26 | 2005-10-13 | Ring Sandra E | Methodology, system, computer readable medium, and product providing a security software suite for handling operating system exploitations |
US8543710B2 (en) | 2004-03-10 | 2013-09-24 | Rpx Corporation | Method and system for controlling network access |
CA2501184A1 (en) | 2004-03-18 | 2005-09-18 | At&T Corp. | Method and apparatus for rapid location of anomalies in ip traffic logs |
US8060924B2 (en) | 2004-04-19 | 2011-11-15 | Lumension Security, Inc. | On-line centralized and local authorization of executable files |
US20050262567A1 (en) | 2004-05-19 | 2005-11-24 | Itshak Carmona | Systems and methods for computer security |
US20050268112A1 (en) | 2004-05-28 | 2005-12-01 | Microsoft Corporation | Managing spyware and unwanted software through auto-start extensibility points |
US20050273858A1 (en) | 2004-06-07 | 2005-12-08 | Erez Zadok | Stackable file systems and methods thereof |
US7568230B2 (en) | 2004-06-09 | 2009-07-28 | Lieberman Software Corporation | System for selective disablement and locking out of computer system objects |
US7596809B2 (en) | 2004-06-14 | 2009-09-29 | Lionic Corporation | System security approaches using multiple processing units |
US7281124B2 (en) | 2004-06-17 | 2007-10-09 | Intel Corporation | Establishing a virtual drive accessible to pre-boot and operating system runtime phases |
US20060041942A1 (en) | 2004-06-24 | 2006-02-23 | Mcafee, Inc. | System, method and computer program product for preventing spyware/malware from installing a registry |
US20060010485A1 (en) | 2004-07-12 | 2006-01-12 | Jim Gorman | Network security method |
US7484247B2 (en) | 2004-08-07 | 2009-01-27 | Allen F Rozman | System and method for protecting a computer system from malicious software |
US7284020B2 (en) | 2004-09-01 | 2007-10-16 | Hitachi, Ltd. | System and method for data recovery in a storage system |
US7480683B2 (en) | 2004-10-01 | 2009-01-20 | Webroot Software, Inc. | System and method for heuristic analysis to identify pestware |
US20060075490A1 (en) | 2004-10-01 | 2006-04-06 | Boney Matthew L | System and method for actively operating malware to generate a definition |
EP1834243B1 (en) | 2004-10-01 | 2019-05-01 | Webroot Inc. | System and method for locating malware |
US20060075468A1 (en) | 2004-10-01 | 2006-04-06 | Boney Matthew L | System and method for locating malware and generating malware definitions |
US20060085528A1 (en) | 2004-10-01 | 2006-04-20 | Steve Thomas | System and method for monitoring network communications for pestware |
US20060075494A1 (en) | 2004-10-01 | 2006-04-06 | Bertman Justin R | Method and system for analyzing data for potential malware |
US7533131B2 (en) | 2004-10-01 | 2009-05-12 | Webroot Software, Inc. | System and method for pestware detection and removal |
US7287279B2 (en) | 2004-10-01 | 2007-10-23 | Webroot Software, Inc. | System and method for locating malware |
US20060080637A1 (en) | 2004-10-12 | 2006-04-13 | Microsoft Corporation | System and method for providing malware information for programmatic access |
US7594269B2 (en) | 2004-10-29 | 2009-09-22 | Intel Corporation | Platform-based identification of host software circumvention |
US7765410B2 (en) | 2004-11-08 | 2010-07-27 | Microsoft Corporation | System and method of aggregating the knowledge base of antivirus software applications |
US7765400B2 (en) | 2004-11-08 | 2010-07-27 | Microsoft Corporation | Aggregation of the knowledge base of antivirus software |
US7478237B2 (en) | 2004-11-08 | 2009-01-13 | Microsoft Corporation | System and method of allowing user mode applications with access to file data |
US7401184B2 (en) | 2004-11-19 | 2008-07-15 | Intel Corporation | Matching memory transactions to cache line boundaries |
US7246209B2 (en) | 2004-11-30 | 2007-07-17 | Kabushiki Kaisha Toshiba | System for secure erasing of files |
WO2006101549A2 (en) | 2004-12-03 | 2006-09-28 | Whitecell Software, Inc. | Secure system for allowing the execution of authorized computer program code |
US7636856B2 (en) | 2004-12-06 | 2009-12-22 | Microsoft Corporation | Proactive computer malware protection through dynamic translation |
US8745364B2 (en) | 2004-12-13 | 2014-06-03 | Intel Corporation | Method and apparatus for enabling non-volatile content filtering |
US7409719B2 (en) | 2004-12-21 | 2008-08-05 | Microsoft Corporation | Computer security management, such as in a virtual machine or hardened operating system |
US7657762B2 (en) | 2005-01-14 | 2010-02-02 | Ati Technologies, Inc. | Apparatus and methods for power management of a circuit module |
US7716743B2 (en) | 2005-01-14 | 2010-05-11 | Microsoft Corporation | Privacy friendly malware quarantines |
US7406466B2 (en) | 2005-01-14 | 2008-07-29 | Yahoo! Inc. | Reputation based search |
US8321910B1 (en) | 2005-01-21 | 2012-11-27 | Trend Micro, Inc. | Determining the source of malware |
US7478283B2 (en) | 2005-01-22 | 2009-01-13 | International Business Machines Corporation | Provisional application management with automated acceptance tests and decision criteria |
US20060167948A1 (en) | 2005-01-26 | 2006-07-27 | Gian-Nicolas Pietravalle | Detection of computer system malware |
US20060184792A1 (en) | 2005-02-17 | 2006-08-17 | Scalable Software | Protecting computer systems from unwanted software |
US7836504B2 (en) | 2005-03-01 | 2010-11-16 | Microsoft Corporation | On-access scan of memory for malware |
US7676845B2 (en) | 2005-03-24 | 2010-03-09 | Microsoft Corporation | System and method of selectively scanning a file on a computing device for malware |
US7490352B2 (en) | 2005-04-07 | 2009-02-10 | Microsoft Corporation | Systems and methods for verifying trust of executable files |
US7346611B2 (en) | 2005-04-12 | 2008-03-18 | Webroot Software, Inc. | System and method for accessing data from a data storage medium |
US7565695B2 (en) | 2005-04-12 | 2009-07-21 | Webroot Software, Inc. | System and method for directly accessing data from a data storage medium |
US7591016B2 (en) | 2005-04-14 | 2009-09-15 | Webroot Software, Inc. | System and method for scanning memory for pestware offset signatures |
US7349931B2 (en) | 2005-04-14 | 2008-03-25 | Webroot Software, Inc. | System and method for scanning obfuscated files for pestware |
US7571476B2 (en) | 2005-04-14 | 2009-08-04 | Webroot Software, Inc. | System and method for scanning memory for pestware |
US7552115B2 (en) | 2005-04-15 | 2009-06-23 | Microsoft Corporation | Method and system for efficient generation of storage reports |
US7562304B2 (en) | 2005-05-03 | 2009-07-14 | Mcafee, Inc. | Indicating website reputations during website manipulation of user information |
US8438499B2 (en) | 2005-05-03 | 2013-05-07 | Mcafee, Inc. | Indicating website reputations during user interactions |
US7548544B2 (en) | 2005-05-05 | 2009-06-16 | Ironport Systems, Inc. | Method of determining network addresses of senders of electronic mail messages |
US8561190B2 (en) | 2005-05-16 | 2013-10-15 | Microsoft Corporation | System and method of opportunistically protecting a computer from malware |
US7660797B2 (en) | 2005-05-27 | 2010-02-09 | Microsoft Corporation | Scanning data in an access restricted file for malware |
US8452744B2 (en) | 2005-06-06 | 2013-05-28 | Webroot Inc. | System and method for analyzing locked files |
US20060277183A1 (en) | 2005-06-06 | 2006-12-07 | Tony Nichols | System and method for neutralizing locked pestware files |
US7861296B2 (en) | 2005-06-16 | 2010-12-28 | Microsoft Corporation | System and method for efficiently scanning a file for malware |
US7877803B2 (en) | 2005-06-27 | 2011-01-25 | Hewlett-Packard Development Company, L.P. | Automated immune response for a computer |
US20070006311A1 (en) | 2005-06-29 | 2007-01-04 | Barton Kevin T | System and method for managing pestware |
US20090144826A2 (en) | 2005-06-30 | 2009-06-04 | Webroot Software, Inc. | Systems and Methods for Identifying Malware Distribution |
US7587724B2 (en) | 2005-07-13 | 2009-09-08 | Symantec Corporation | Kernel validation layer |
US8453242B2 (en) | 2005-08-12 | 2013-05-28 | Ca, Inc. | System and method for scanning handles |
US7617534B1 (en) | 2005-08-26 | 2009-11-10 | Symantec Corporation | Detection of SYSENTER/SYSCALL hijacking |
US20070050848A1 (en) | 2005-08-31 | 2007-03-01 | Microsoft Corporation | Preventing malware from accessing operating system services |
US20070074289A1 (en) | 2005-09-28 | 2007-03-29 | Phil Maddaloni | Client side exploit tracking |
US20070072678A1 (en) | 2005-09-28 | 2007-03-29 | Dagres Todd A | Method and system of online gaming organization |
US20070078675A1 (en) | 2005-09-30 | 2007-04-05 | Kaplan Craig A | Contributor reputation-based message boards and forums |
JP4950606B2 (en) | 2005-09-30 | 2012-06-13 | トレンドマイクロ株式会社 | COMMUNICATION SYSTEM, SECURITY MANAGEMENT DEVICE, AND ACCESS CONTROL METHOD |
US8079080B2 (en) | 2005-10-21 | 2011-12-13 | Mathew R. Syrowik | Method, system and computer program product for detecting security threats in a computer network |
US7996898B2 (en) | 2005-10-25 | 2011-08-09 | Webroot Software, Inc. | System and method for monitoring events on a computer to reduce false positive indication of pestware |
US20070094496A1 (en) | 2005-10-25 | 2007-04-26 | Michael Burtscher | System and method for kernel-level pestware management |
US20070094733A1 (en) | 2005-10-26 | 2007-04-26 | Wilson Michael C | System and method for neutralizing pestware residing in executable memory |
US20070094726A1 (en) | 2005-10-26 | 2007-04-26 | Wilson Michael C | System and method for neutralizing pestware that is loaded by a desirable process |
US7743418B2 (en) | 2005-10-31 | 2010-06-22 | Microsoft Corporation | Identifying malware that employs stealth techniques |
US7836500B2 (en) | 2005-12-16 | 2010-11-16 | Eacceleration Corporation | Computer virus and malware cleaner |
US7849185B1 (en) | 2006-01-10 | 2010-12-07 | Raytheon Company | System and method for attacker attribution in a network security system |
US8255992B2 (en) | 2006-01-18 | 2012-08-28 | Webroot Inc. | Method and system for detecting dependent pestware objects on a computer |
US20070169198A1 (en) | 2006-01-18 | 2007-07-19 | Phil Madddaloni | System and method for managing pestware affecting an operating system of a computer |
US20070168285A1 (en) | 2006-01-18 | 2007-07-19 | Jurijs Girtakovskis | Systems and methods for neutralizing unauthorized attempts to monitor user activity |
US8418245B2 (en) | 2006-01-18 | 2013-04-09 | Webroot Inc. | Method and system for detecting obfuscatory pestware in a computer memory |
US7721333B2 (en) | 2006-01-18 | 2010-05-18 | Webroot Software, Inc. | Method and system for detecting a keylogger on a computer |
US20070168694A1 (en) | 2006-01-18 | 2007-07-19 | Phil Maddaloni | System and method for identifying and removing pestware using a secondary operating system |
US7937758B2 (en) | 2006-01-25 | 2011-05-03 | Symantec Corporation | File origin determination |
US20070179834A1 (en) | 2006-02-01 | 2007-08-02 | Novell, Inc. | Federation and attestation of online reputations |
US20070203884A1 (en) | 2006-02-28 | 2007-08-30 | Tony Nichols | System and method for obtaining file information and data locations |
US8312479B2 (en) | 2006-03-08 | 2012-11-13 | Navisense | Application programming interface (API) for sensory events |
WO2007106826A2 (en) | 2006-03-13 | 2007-09-20 | Markmonitor Inc. | Domain name ownership validation |
US7926111B2 (en) | 2006-03-17 | 2011-04-12 | Symantec Corporation | Determination of related entities |
US7461104B2 (en) | 2006-03-22 | 2008-12-02 | Webroot Software, Inc. | Method and system for rapid data-fragmentation analysis of a New Technology File System |
US8079032B2 (en) | 2006-03-22 | 2011-12-13 | Webroot Software, Inc. | Method and system for rendering harmless a locked pestware executable object |
US20070226445A1 (en) | 2006-03-22 | 2007-09-27 | Tony Nichols | Method and system for rapid data-fragmentation analysis of a file-allocation-table (FAT) file system |
US9009818B2 (en) | 2006-04-06 | 2015-04-14 | Pulse Secure, Llc | Malware detection system and method for compressed data on mobile platforms |
US8201243B2 (en) | 2006-04-20 | 2012-06-12 | Webroot Inc. | Backwards researching activity indicative of pestware |
US8181244B2 (en) | 2006-04-20 | 2012-05-15 | Webroot Inc. | Backward researching time stamped events to find an origin of pestware |
US20070261117A1 (en) | 2006-04-20 | 2007-11-08 | Boney Matthew L | Method and system for detecting a compressed pestware executable object |
US20080082662A1 (en) | 2006-05-19 | 2008-04-03 | Richard Dandliker | Method and apparatus for controlling access to network resources based on reputation |
US7836505B2 (en) | 2006-06-05 | 2010-11-16 | Eacceleration Corporation | Accelerated file scanning |
US20080010326A1 (en) | 2006-06-15 | 2008-01-10 | Carpenter Troy A | Method and system for securely deleting files from a computer storage device |
US7996903B2 (en) | 2006-07-07 | 2011-08-09 | Webroot Software, Inc. | Method and system for detecting and removing hidden pestware files |
US7761391B2 (en) | 2006-07-12 | 2010-07-20 | Kofax, Inc. | Methods and systems for improved transductive maximum entropy discrimination classification |
US8615440B2 (en) | 2006-07-12 | 2013-12-24 | Ebay Inc. | Self correcting online reputation |
JP5364578B2 (en) | 2006-07-12 | 2013-12-11 | コファックス, インコーポレイテッド | Method and system for transductive data classification and data classification method using machine learning technique |
US7822821B2 (en) | 2006-07-18 | 2010-10-26 | David Foote | Access point object depositable on a web page and useful for initiating communication between depositing user and buddy |
US7590707B2 (en) | 2006-08-07 | 2009-09-15 | Webroot Software, Inc. | Method and system for identifying network addresses associated with suspect network destinations |
US8190868B2 (en) | 2006-08-07 | 2012-05-29 | Webroot Inc. | Malware management through kernel detection |
US7769992B2 (en) | 2006-08-18 | 2010-08-03 | Webroot Software, Inc. | File manipulation during early boot time |
US8533822B2 (en) | 2006-08-23 | 2013-09-10 | Threatstop, Inc. | Method and system for propagating network policy |
US20080235163A1 (en) | 2007-03-22 | 2008-09-25 | Srinivasan Balasubramanian | System and method for online duplicate detection and elimination in a web crawler |
US20090271428A1 (en) | 2007-05-09 | 2009-10-29 | The Go Daddy Group, Inc. | Tracking digital identity related reputation data |
US8849921B2 (en) | 2007-06-28 | 2014-09-30 | Symantec Corporation | Method and apparatus for creating predictive filters for messages |
US20090063248A1 (en) | 2007-08-31 | 2009-03-05 | Ebay Inc. | Education system to improve online reputation |
US20090064337A1 (en) | 2007-09-05 | 2009-03-05 | Shih-Wei Chien | Method and apparatus for preventing web page attacks |
US8296245B2 (en) | 2008-01-03 | 2012-10-23 | Kount Inc. | Method and system for creation and validation of anonymous digital credentials |
US8001582B2 (en) | 2008-01-18 | 2011-08-16 | Microsoft Corporation | Cross-network reputation for online services |
US20090287641A1 (en) | 2008-05-13 | 2009-11-19 | Eric Rahm | Method and system for crawling the world wide web |
US8359632B2 (en) | 2008-05-30 | 2013-01-22 | Microsoft Corporation | Centralized account reputation |
US8412645B2 (en) | 2008-05-30 | 2013-04-02 | International Business Machines Corporation | Automatic detection of undesirable users of an online communication resource based on content analytics |
US7530106B1 (en) | 2008-07-02 | 2009-05-05 | Kaspersky Lab, Zao | System and method for security rating of computer processes |
US8308557B2 (en) | 2009-01-21 | 2012-11-13 | Igt | Tiered verification |
US8438386B2 (en) | 2009-04-21 | 2013-05-07 | Webroot Inc. | System and method for developing a risk profile for an internet service |
US9081958B2 (en) | 2009-08-13 | 2015-07-14 | Symantec Corporation | Using confidence about user intent in a reputation system |
US8818882B2 (en) | 2009-08-24 | 2014-08-26 | Visa International Service Association | Alias identity and reputation validation engine |
-
2006
- 2006-08-07 US US11/462,827 patent/US8190868B2/en active Active
-
2012
- 2012-04-30 US US13/460,655 patent/US8856505B2/en active Active
-
2014
- 2014-10-06 US US14/507,657 patent/US9754102B2/en active Active
Patent Citations (46)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6069628A (en) | 1993-01-15 | 2000-05-30 | Reuters, Ltd. | Method and means for navigating user interfaces which support a plurality of executing applications |
US5623600A (en) | 1995-09-26 | 1997-04-22 | Trend Micro, Incorporated | Virus detection and removal apparatus for computer networks |
US6073241A (en) | 1996-08-29 | 2000-06-06 | C/Net, Inc. | Apparatus and method for tracking world wide web browser requests across distinct domains using persistent client-side state |
US6480962B1 (en) | 1996-11-08 | 2002-11-12 | Finjan Software, Ltd. | System and method for protecting a client during runtime from hostile downloadables |
US6092194A (en) | 1996-11-08 | 2000-07-18 | Finjan Software, Ltd. | System and method for protecting a computer and a network from hostile downloadables |
US6154844A (en) | 1996-11-08 | 2000-11-28 | Finjan Software, Ltd. | System and method for attaching a downloadable security profile to a downloadable |
US6167520A (en) | 1996-11-08 | 2000-12-26 | Finjan Software, Inc. | System and method for protecting a client during runtime from hostile downloadables |
US6611878B2 (en) | 1996-11-08 | 2003-08-26 | International Business Machines Corporation | Method and apparatus for software technology injection for operating systems which assign separate process address spaces |
US6804780B1 (en) | 1996-11-08 | 2004-10-12 | Finjan Software, Ltd. | System and method for protecting a computer and a network from hostile downloadables |
US6310630B1 (en) | 1997-12-12 | 2001-10-30 | International Business Machines Corporation | Data processing system and method for internet browser history generation |
US6701441B1 (en) | 1998-12-08 | 2004-03-02 | Networks Associates Technology, Inc. | System and method for interactive web services |
US6813711B1 (en) | 1999-01-05 | 2004-11-02 | Samsung Electronics Co., Ltd. | Downloading files from approved web site |
US6460060B1 (en) | 1999-01-26 | 2002-10-01 | International Business Machines Corporation | Method and system for searching web browser history |
US20040143763A1 (en) | 1999-02-03 | 2004-07-22 | Radatti Peter V. | Apparatus and methods for intercepting, examining and controlling code, data and files and their transfer in instant messaging and peer-to-peer applications |
US7484245B1 (en) * | 1999-10-01 | 2009-01-27 | Gigatrust | System and method for providing data security |
US6397264B1 (en) | 1999-11-01 | 2002-05-28 | Rstar Corporation | Multi-browser client architecture for managing multiple applications having a history list |
US6535931B1 (en) | 1999-12-13 | 2003-03-18 | International Business Machines Corp. | Extended keyboard support in a run time environment for keys not recognizable on standard or non-standard keyboards |
US7058822B2 (en) | 2000-03-30 | 2006-06-06 | Finjan Software, Ltd. | Malicious mobile code runtime monitoring system and methods |
US20050120242A1 (en) | 2000-05-28 | 2005-06-02 | Yaron Mayer | System and method for comprehensive general electric protection for computers against malicious programs that may steal information and/or cause damages |
US20040034794A1 (en) | 2000-05-28 | 2004-02-19 | Yaron Mayer | System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages |
US6829654B1 (en) | 2000-06-23 | 2004-12-07 | Cloudshield Technologies, Inc. | Apparatus and method for virtual edge placement of web sites |
US6667751B1 (en) | 2000-07-13 | 2003-12-23 | International Business Machines Corporation | Linear web browser history viewer |
US6785732B1 (en) | 2000-09-11 | 2004-08-31 | International Business Machines Corporation | Web server apparatus and method for virus checking |
US20020129277A1 (en) | 2001-03-12 | 2002-09-12 | Caccavale Frank S. | Using a virus checker in one file server to check for viruses in another file server |
US20020166059A1 (en) | 2001-05-01 | 2002-11-07 | Rickey Albert E. | Methods and apparatus for protecting against viruses on partitionable media |
US20030159070A1 (en) | 2001-05-28 | 2003-08-21 | Yaron Mayer | System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages |
US20030135791A1 (en) * | 2001-09-25 | 2003-07-17 | Norman Asa | Simulated computer system for monitoring of software performance |
US6633835B1 (en) | 2002-01-10 | 2003-10-14 | Networks Associates Technology, Inc. | Prioritized data capture, classification and filtering in a network monitoring environment |
US20030217287A1 (en) | 2002-05-16 | 2003-11-20 | Ilya Kruglenko | Secure desktop environment for unsophisticated computer users |
US20040030914A1 (en) | 2002-08-09 | 2004-02-12 | Kelley Edward Emile | Password protection |
US20040064736A1 (en) | 2002-08-30 | 2004-04-01 | Wholesecurity, Inc. | Method and apparatus for detecting malicious code in an information handling system |
US20040187023A1 (en) | 2002-08-30 | 2004-09-23 | Wholesecurity, Inc. | Method, system and computer program product for security in a global computer network transaction |
US20040080529A1 (en) | 2002-10-24 | 2004-04-29 | Wojcik Paul Kazimierz | Method and system for securing text-entry in a web form over a computer network |
US6965968B1 (en) | 2003-02-27 | 2005-11-15 | Finjan Software Ltd. | Policy-based caching |
US20040225877A1 (en) | 2003-05-09 | 2004-11-11 | Zezhen Huang | Method and system for protecting computer system from malicious software operation |
US20050257266A1 (en) | 2003-06-11 | 2005-11-17 | Cook Randall R | Intrustion protection system utilizing layers and triggers |
US20060265761A1 (en) | 2003-09-15 | 2006-11-23 | Trigence Corp. | Malware containment by application encapsulation |
US20050149726A1 (en) | 2003-10-21 | 2005-07-07 | Amit Joshi | Systems and methods for secure client applications |
US20050114687A1 (en) * | 2003-11-21 | 2005-05-26 | Zimmer Vincent J. | Methods and apparatus to provide protection for firmware resources |
US20050125687A1 (en) * | 2003-12-05 | 2005-06-09 | Microsoft Corporation | Security-related programming interface |
US20050138433A1 (en) | 2003-12-23 | 2005-06-23 | Zone Labs, Inc. | Security System with Methodology for Defending Against Security Breaches of Peripheral Devices |
US20050188272A1 (en) | 2004-01-30 | 2005-08-25 | Bodorin Daniel M. | System and method for detecting malware in an executable code module according to the code module's exhibited behavior |
US20050172115A1 (en) | 2004-01-30 | 2005-08-04 | Bodorin Daniel M. | System and method for gathering exhibited behaviors of a .NET executable module in a secure manner |
US20050216759A1 (en) * | 2004-03-29 | 2005-09-29 | Rothman Michael A | Virus scanning of input/output traffic of a computer system |
WO2006077443A2 (en) * | 2005-01-20 | 2006-07-27 | William Grant Rothwell | Computer protection against malware affection |
WO2007109708A1 (en) | 2006-03-22 | 2007-09-27 | Webroot Software, Inc. | Method and system for denying pestware direct drive access |
Non-Patent Citations (16)
Title |
---|
Bontchev V; "Possible Virus Attacks Against Integrity Programs and How to Prevent Them;" Virus Bulletin Conference, Virus Bulletin Ltd., Abington, GB; Sep. 2, 1992; pp. 131-142, XP000613974. |
Codeguru, Hooking the Keyboard, by Anoop Thomas, Dec. 13, 2001, 6 pgs. |
Codeguru, Managing Low-Level Keyboard Hooks With the Windows API for VB .Net, by Paul Kimmel, Apr. 18, 2004, 10 pgs. |
Codeguru, Three Ways to Inject Your Code Into Another Process, by Robert Kuster, Aug. 4, 2003, 22 pgs. |
DevX.com, Intercepting Systems API Calls, by Seung-Woo Kim, May 13, 2004, 6 pgs. |
Illusive Security, Wolves in Sheep's Clothing: malicious DLLs Injected Into trusted Host Applications, Author Unknown, http://home.arcor.de/scheinsicherheit/dll.htm 13 pgs. |
Microsoft.com, How to Subclass a Window in Windows 95, Article ID 125680, Jul. 11, 2005, 2 pgs. |
MSDN, Win32 Hooks by Kyle Marsh, Jul. 29, 1993, 15 pgs. |
PCT Search Report, PCT/US05/34874, Jul. 5, 2006, 7 Pages. |
U.S. Appl. No. 10/956,578, filed Oct. 1, 2004, Steve Thomas. |
U.S. Appl. No. 11/237,291, filed Oct. 28, 2005, Philip Maddaloni. |
U.S. Appl. No. 11/257,609, filed Oct. 25, 2005, filed Oct. 25, 2005, Michael Burtscher. |
U.S. Appl. No. 11/465,680, filed Aug. 18, 2006, Min Wang. |
U.S. Appl. No. 11/482,903, filed Jul. 7, 2006, Patrick Sprowls. |
Ya-Min,"Detecting Stealth Software with Strider Ghostbuster",2005,IEEE, Internation Conference on Dependable Systems. * |
Yi-Min Wang et al.; "Detecting Stealth Software with Strider Ghostbuster," Dependable Systems and Networks, 2005, DSN 2005, Proceedings, International Conference on Yokohama, Japan 28-0 Jun. 2005, Piscatay, NJ, USA, IEE, Jun. 28, 2005; pp. 368-377; XP010817813; ISBN: 0-7695-2282-3. |
Cited By (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9754102B2 (en) | 2006-08-07 | 2017-09-05 | Webroot Inc. | Malware management through kernel detection during a boot sequence |
US8635438B2 (en) | 2006-08-18 | 2014-01-21 | Webroot Inc. | Method and system of file manipulation during early boot time by accessing user-level data associated with a kernel-level function |
US9773106B2 (en) * | 2007-12-13 | 2017-09-26 | Trend Micro Incorporated | Method and system for protecting a computer system during boot operation |
US20140047541A1 (en) * | 2007-12-13 | 2014-02-13 | Trend Micro Incorporated | Method and system for protecting a computer system during boot operation |
US11489857B2 (en) | 2009-04-21 | 2022-11-01 | Webroot Inc. | System and method for developing a risk profile for an internet resource |
US10853491B2 (en) | 2012-06-08 | 2020-12-01 | Crowdstrike, Inc. | Security agent |
US9858626B2 (en) | 2012-06-29 | 2018-01-02 | Crowdstrike, Inc. | Social sharing of security information in a group |
US9122633B2 (en) | 2012-09-20 | 2015-09-01 | Paul Case, SR. | Case secure computer architecture |
US8938796B2 (en) | 2012-09-20 | 2015-01-20 | Paul Case, SR. | Case secure computer architecture |
US9871809B2 (en) | 2013-08-26 | 2018-01-16 | Shine Security Ltd. | Reversion of system objects affected by a malware |
US9942246B2 (en) * | 2013-09-02 | 2018-04-10 | Shine Security Ltd. | Preemptive event handling |
US20180227316A1 (en) * | 2013-09-02 | 2018-08-09 | Shine Security Ltd. | Preemptive event handling |
US20150067859A1 (en) * | 2013-09-02 | 2015-03-05 | Shine Security Ltd. | Preemptive event handling |
US10289405B2 (en) | 2014-03-20 | 2019-05-14 | Crowdstrike, Inc. | Integrity assurance and rebootless updating during runtime |
US11340890B2 (en) | 2014-03-20 | 2022-05-24 | Crowdstrike, Inc. | Integrity assurance and rebootless updating during runtime |
US20170061127A1 (en) * | 2015-07-28 | 2017-03-02 | Crowdstrike, Inc. | Integrity Assurance Through Early Loading in the Boot Phase |
US10339316B2 (en) * | 2015-07-28 | 2019-07-02 | Crowdstrike, Inc. | Integrity assurance through early loading in the boot phase |
US10387228B2 (en) | 2017-02-21 | 2019-08-20 | Crowdstrike, Inc. | Symmetric bridge component for communications between kernel mode and user mode |
Also Published As
Publication number | Publication date |
---|---|
US9754102B2 (en) | 2017-09-05 |
US20080034429A1 (en) | 2008-02-07 |
US20150089648A1 (en) | 2015-03-26 |
US8856505B2 (en) | 2014-10-07 |
US20120216027A1 (en) | 2012-08-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8190868B2 (en) | Malware management through kernel detection | |
Wang et al. | Detecting stealth software with strider ghostbuster | |
US7841006B2 (en) | Discovery of kernel rootkits by detecting hidden information | |
US7647636B2 (en) | Generic RootKit detector | |
RU2571723C2 (en) | System and method of reducing load on operating system when executing antivirus application | |
US7676845B2 (en) | System and method of selectively scanning a file on a computing device for malware | |
US7627898B2 (en) | Method and system for detecting infection of an operating system | |
EP2486507B1 (en) | Malware detection by application monitoring | |
US8572371B2 (en) | Discovery of kernel rootkits with memory scan | |
US20080005797A1 (en) | Identifying malware in a boot environment | |
US20070094496A1 (en) | System and method for kernel-level pestware management | |
US20060294592A1 (en) | Automated rootkit detector | |
KR20060046231A (en) | Managing spyware and unwanted software through auto-start extensibility points | |
Shan et al. | Safe side effects commitment for OS-level virtualization | |
US20060230291A1 (en) | System and method for directly accessing data from a data storage medium | |
US7941850B1 (en) | Malware removal system and method | |
Shan et al. | Malware clearance for secure commitment of OS-level virtual machines | |
US20060212940A1 (en) | System and method for removing multiple related running processes | |
WO2007050767A2 (en) | System and method for neutralizing pestware that is loaded by a desirable process | |
US20070169198A1 (en) | System and method for managing pestware affecting an operating system of a computer | |
US8201253B1 (en) | Performing security functions when a process is created | |
US20070168694A1 (en) | System and method for identifying and removing pestware using a secondary operating system | |
US20150199516A1 (en) | Execution profile assembly using branch records | |
US20080028388A1 (en) | System and method for analyzing packed files | |
RU2638735C2 (en) | System and method of optimizing anti-virus testing of inactive operating systems |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: WEBROOT SOFTWARE, INC., COLORADO Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SCHNEIDER, JEROME L;REEL/FRAME:018636/0082 Effective date: 20061212 |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
AS | Assignment |
Owner name: WEBROOT INC., COLORADO Free format text: CHANGE OF NAME;ASSIGNOR:WEBROOT SOFTWARE, INC.;REEL/FRAME:028953/0917 Effective date: 20111219 |
|
FEPP | Fee payment procedure |
Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
FEPP | Fee payment procedure |
Free format text: PAT HOLDER CLAIMS SMALL ENTITY STATUS, ENTITY STATUS SET TO SMALL (ORIGINAL EVENT CODE: LTOS); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
AS | Assignment |
Owner name: WELLS FARGO BANK, NATIONAL ASSOCIATION, COLORADO Free format text: SECURITY INTEREST;ASSIGNOR:WEBROOT INC.;REEL/FRAME:034742/0085 Effective date: 20141223 |
|
FPAY | Fee payment |
Year of fee payment: 4 |
|
FEPP | Fee payment procedure |
Free format text: PAT HOLDER NO LONGER CLAIMS SMALL ENTITY STATUS, ENTITY STATUS SET TO UNDISCOUNTED (ORIGINAL EVENT CODE: STOL); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
SULP | Surcharge for late payment | ||
AS | Assignment |
Owner name: WEBROOT INC., COLORADO Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION;REEL/FRAME:050454/0102 Effective date: 20190319 |
|
AS | Assignment |
Owner name: BARCLAYS BANK PLC, AS COLLATERAL AGENT, NEW YORK Free format text: SECURITY INTEREST;ASSIGNOR:WEBROOT INC.;REEL/FRAME:048723/0612 Effective date: 20190326 |
|
MAFP | Maintenance fee payment |
Free format text: PAYMENT OF MAINTENANCE FEE, 8TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1552); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY Year of fee payment: 8 |
|
AS | Assignment |
Owner name: WEBROOT INC., MASSACHUSETTS Free format text: RELEASE OF SECURITY INTEREST IN PATENT RIGHTS RECORDED AT R/F 048723/0612;ASSIGNOR:BARCLAYS BANK PLC, AS COLLATERAL AGENT;REEL/FRAME:051418/0714 Effective date: 20191224 |
|
AS | Assignment |
Owner name: WEBROOT LLC, COLORADO Free format text: CERTIFICATE OF CONVERSION;ASSIGNOR:WEBROOT INC.;REEL/FRAME:064176/0622 Effective date: 20220930 Owner name: CARBONITE, LLC, MASSACHUSETTS Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:WEBROOT LLC;REEL/FRAME:064167/0129 Effective date: 20221001 |
|
AS | Assignment |
Owner name: OPEN TEXT INC., CALIFORNIA Free format text: ASSIGNMENT AND ASSUMPTION AGREEMENT;ASSIGNOR:CARBONITE, LLC;REEL/FRAME:064351/0178 Effective date: 20221001 |
|
MAFP | Maintenance fee payment |
Free format text: PAYMENT OF MAINTENANCE FEE, 12TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1553); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY Year of fee payment: 12 |